PT-2010-2437 · Digium · Asterisk Business Edition, Asterisk Open Source

Published

2010-02-23

·

Updated

2018-10-10

·

CVE-2010-0685

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions

Asterisk Open Source versions 1.2.x through 1.6.x
Asterisk Business Edition versions B.x.x through C.x.x

Description

The dialplan functionality in Asterisk allows context-dependent attackers to inject strings into the dialplan via metacharacters that are interpreted when the ${EXTEN} channel variable is expanded. For a SIP call, ${EXTEN} is taken from the user part of the Request-URI of the incoming INVITE, which the caller controls; a permissive pattern such as _X. matches such a value, and substitution happens before the application parses its arguments, so nothing is quoted or escaped. This can be demonstrated with the Dial application: Dial treats & as the separator between channels to ring in parallel, so a crafted INVITE whose user part contains & followed by a second channel string results in an unintended outgoing channel leg (for example, a toll call over a trunk the caller should not reach).

Recommendations

For Asterisk Open Source versions 1.2.x through 1.6.x and Asterisk Business Edition versions B.x.x through C.x.x, sanitize ${EXTEN} before it reaches Dial or any other application: pass it through FILTER() (for example FILTER(0-9,${EXTEN})) where that function is available, use strict extension patterns (_XXXX, _1NXXNXXXXXX) rather than _X., and upgrade to a release that contains the vendor's fix. As a temporary workaround until the dialplan can be reviewed, avoid passing unfiltered ${EXTEN} to Dial in contexts reachable from untrusted SIP peers, and note that the same issue applies to any application whose argument syntax uses metacharacters, not only Dial.
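The following is an added example and not code from this page, from Digium, or from Asterisk itself: a small Python model of the expansion step described above. The extensions.conf fragments in the header comment are hypothetical, the SIP INVITE is constructed for the demonstration, and the pattern matcher, FILTER() emulation and Dial() leg splitting are deliberately simplified re-implementations of Asterisk behaviour, kept only as far as needed to show why the crafted user part yields a second leg and how FILTER() and a strict pattern stop it.

```python
# Added example modelling CVE-2010-0685 (not Asterisk code).  Hypothetical
# extensions.conf lines that the functions below emulate:
#
#   ; vulnerable: the raw Request-URI user part lands inside Dial()
#   exten => _X.,1,Dial(SIP/provider/${EXTEN})
#
#   ; FILTER() only: loose pattern, but metacharacters are stripped first
#   exten => _X.,1,Dial(SIP/provider/${FILTER(0-9,${EXTEN})})
#
#   ; hardened: strict pattern plus FILTER()
#   exten => _XXXX,1,Set(SAFE_EXTEN=${FILTER(0-9,${EXTEN})})
#   exten => _XXXX,n,Dial(SIP/provider/${SAFE_EXTEN})
import re

# Constructed SIP INVITE: the user part carries '&' plus a second channel string.
CRAFTED_INVITE = (
    b"INVITE sip:1000&DAHDI/g1/5551234567@pbx.example SIP/2.0\r\n"
    b"Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bK776asdhds\r\n"
    b"From: <sip:caller@192.0.2.10>;tag=1928301774\r\n"
    b"To: <sip:1000@pbx.example>\r\n"
    b"Call-ID: a84b4c76e66710@192.0.2.10\r\n"
    b"CSeq: 314159 INVITE\r\n\r\n"
)

DIAL_TEMPLATE = "SIP/provider/${EXTEN}"   # hypothetical Dial() argument


def request_uri_user(invite: bytes) -> str:
    """User part of the Request-URI; this is what Asterisk places in ${EXTEN}."""
    first_line = invite.split(b"\r\n", 1)[0].decode("ascii", "replace")
    m = re.match(r"^INVITE\s+sips?:([^@\s]+)@", first_line)
    if not m:
        raise ValueError("not a SIP INVITE request line")
    return m.group(1)


def pattern_to_regex(pattern: str) -> str:
    """Translate an Asterisk extension pattern (leading '_') into a regex:
    X=0-9, Z=1-9, N=2-9, '.' = one or more of anything, '!' = zero or more."""
    if not pattern.startswith("_"):
        return "^" + re.escape(pattern) + "$"
    classes = {"X": "[0-9]", "Z": "[1-9]", "N": "[2-9]", ".": ".+", "!": ".*"}
    return "^" + "".join(classes.get(c, re.escape(c)) for c in pattern[1:]) + "$"


def matches_extension(pattern: str, exten: str) -> bool:
    return re.match(pattern_to_regex(pattern), exten) is not None


def asterisk_filter(allowed: str, value: str) -> str:
    """Emulates the FILTER() dialplan function: keep only characters listed in
    `allowed`, expanding 'a-z' style ranges."""
    keep = set()
    i = 0
    while i < len(allowed):
        if i + 2 < len(allowed) and allowed[i + 1] == "-":
            keep.update(chr(c) for c in range(ord(allowed[i]), ord(allowed[i + 2]) + 1))
            i += 3
        else:
            keep.add(allowed[i])
            i += 1
    return "".join(ch for ch in value if ch in keep)


def expand(template: str, variables: dict) -> str:
    """${VAR} substitution, performed before the application parses its
    arguments; nothing is quoted or escaped at this stage."""
    return re.sub(r"\$\{(\w+)\}", lambda m: variables.get(m.group(1), ""), template)


def dial_legs(dial_arg: str) -> list:
    """Dial() treats '&' as the separator between channels rung in parallel."""
    return [leg for leg in dial_arg.split("&") if leg]


def vulnerable_legs(exten: str) -> list:
    """exten => _X.,1,Dial(SIP/provider/${EXTEN})"""
    if not matches_extension("_X.", exten):
        return []
    return dial_legs(expand(DIAL_TEMPLATE, {"EXTEN": exten}))


def filter_only_legs(exten: str) -> list:
    """exten => _X.,1,Dial(SIP/provider/${FILTER(0-9,${EXTEN})})"""
    if not matches_extension("_X.", exten):
        return []
    return dial_legs(expand(DIAL_TEMPLATE, {"EXTEN": asterisk_filter("0-9", exten)}))


def hardened_legs(exten: str) -> list:
    """exten => _XXXX,1,Set(SAFE_EXTEN=${FILTER(0-9,${EXTEN})}) then Dial()"""
    if not matches_extension("_XXXX", exten):
        return []   # the crafted value never reaches Dial()
    return dial_legs(expand(DIAL_TEMPLATE, {"EXTEN": asterisk_filter("0-9", exten)}))


if __name__ == "__main__":
    exten = request_uri_user(CRAFTED_INVITE)
    print("EXTEN      :", exten)
    print("vulnerable :", vulnerable_legs(exten))    # two legs, one unintended
    print("FILTER only:", filter_only_legs(exten))   # one leg, no injection
    print("hardened   :", hardened_legs(exten))      # rejected by the pattern
```

Running the block shows the vulnerable dialplan producing two legs, SIP/provider/1000 and DAHDI/g1/5551234567, from a single INVITE. FILTER() alone collapses the value to digits, so only one leg remains (a wrong number, but no second channel); the strict pattern rejects the crafted extension outright, which is why the two measures are best combined.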

Exploit

Fix

Found a problem in the description? Have something to add? Feel free to write to us 👾

Related identifiers

CVE-2010-0685

Affected products

Asterisk Business Edition
Asterisk Open Source